Job Description Tyto Athene is searching for aMid-Level Cyber Threat Hunterto support our customer in Arlington, Virginia. Responsibilities:
- Experience with securing and hardening IT infrastructure
- Demonstrated or advanced experience with computer networking and operating systems
- Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses
- Demonstrated proficiency with data hunting, including ELK, Splunk, Apache Spark, or AWS Stack
- Experience with network hunting, including Bro Logs, DNS, Netflow, PCAP, or firewalls and proxies
- Knowledge of Windows and Linux OS' and command line
- Ability to analyze malware, extract indicators, and create signatures in Yara and Snort
- Strong analytical skills and the ability to effectively research, write, communicate and brief varying levels of audiences to include at the executive level
- Knowledge related to the current state of cyber adversary tactics and trends
- Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building
- Knowledge of the TCP/IP networking stack and network IDS technologies
Required:
- Bachelor's degree in Computer Science, Information Technology, or related field and4 years of relevant experience
- Experience with securing and hardening IT infrastructure
- Demonstrated or advanced experience with computer networking and operating systems
- Experience with operational security, including security operations center (SOC), incident response, malware analysis, or IDS and IPS analyses
- Demonstrated proficiency with regular expression and scripting languages, including Python or PowerShell
- Demonstrated proficiency with data hunting, including ELK, Splunk, Apache Spark, or AWS Stack
- Familiarity with: Netflow data, DNS logs, Proxy Logs
- Experience with network hunting, including Bro Logs, Netflow, PCAP, or PaloAlto firewalls and proxies
- Knowledge of Windows and Linux OS' and command line
- Ability to analyze malware, extract indicators, and create signatures in Yara, Snort, and IOCs
- Strong analytical skills and the ability to effectively research, write, communicate and brief varying levels of audiences to include at the executive level
- Knowledge related to the current state of cyber adversary tactics and trends
- Knowledge of the Splunk search language, search techniques, alerts, dashboards, and report building
- Knowledge of the TCP/IP networking stack and network IDS technologies
Desired:
- Previous experience working as a cyber threat hunter
- Experience with operational security, including security operations centers (SOC), incident response, digital forensics, and malware analysis
- Experience with major cloud service provider offerings
- Knowledge of offensive security tools and techniques
Clearance: Active Secret clearance required Certification:DoD 8570 IAM/IAT Level II certification. This will change to a DoD 8140 equivalent once a DISA 8140 policy is released. Location:This is an on-site role with expectations of being on the client site in Arlington, VA five days a week. Additional Information After several strategic acquisitions in 2021, Tyto Athene has experienced enormous opportunity and growth. Aside from being the leading provider of mission-focused IT and Cyber services and solutions to critical U.S. government agencies, Tyto is well-positioned to meet the growing demand for network modernization requirements across the federal enterprise. Our employees are the key to the innovation that has made Tyto a success. We provide an environment that is geared to reward potential, innovation, and teamwork. If you would like to unleash your creativity and your career -- it's time to join Team Tyto!